Taxonomies updated to the latest version

pull/2/head
Alexandre Dulaunoy 2017-05-04 21:30:46 +02:00
parent 0058dee01a
commit dcc3d35fb2
1 changed files with 284 additions and 16 deletions

@ -476,7 +476,12 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_analyst_assessment">analyst-assessment</a>
<ul class="sectlevel2">
<li><a href="#_experience">experience</a></li>
<li><a href="#_alternative_points_of_view_process">alternative-points-of-view-process</a></li>
<li><a href="#_binary_reversing_arch">binary-reversing-arch</a></li>
<li><a href="#_binary_reversing_experience">binary-reversing-experience</a></li>
<li><a href="#_os">os</a></li>
<li><a href="#_web">web</a></li>
<li><a href="#_web_experience">web-experience</a></li>
<li><a href="#_crypto_experience">crypto-experience</a></li>
</ul>
</li>
<li><a href="#_binary_class">binary-class</a>
@ -652,6 +657,11 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_other_2">other</a></li>
</ul>
</li>
<li><a href="#_event_assessment">event-assessment</a>
<ul class="sectlevel2">
<li><a href="#_alternative_points_of_view_process">alternative-points-of-view-process</a></li>
</ul>
</li>
<li><a href="#_fr_classif">fr-classif</a>
<ul class="sectlevel2">
<li><a href="#_classifiees_defense">classifiees-defense</a></li>
@ -797,6 +807,11 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_ex_chr">ex:chr</a></li>
</ul>
</li>
<li><a href="#_tor">tor</a>
<ul class="sectlevel2">
<li><a href="#_tor_relay_type">tor-relay-type</a></li>
</ul>
</li>
<li><a href="#_veris">veris</a>
<ul class="sectlevel2">
<li><a href="#_iso_currency_code">iso_currency_code</a></li>
@ -1462,7 +1477,7 @@ analyst-assessment namespace available in JSON format at <a href="https://github
</table>
</div>
<div class="paragraph">
<p>A series of assessment predicates describing the analyst capabilities to perform analysis or making judgments under a certain level of uncertainty. These assessment can be assigned by the analyst him/herself or by another party evaluating the analyst.</p>
<p>A series of assessment predicates describing the analyst capabilities to perform analysis. These assessment can be assigned by the analyst him/herself or by another party evaluating the analyst.</p>
</div>
<div class="sect2">
<h3 id="_experience">experience</h3>
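Review bot: The replacement paragraph still reads "These assessment can be assigned", which should be "These assessments can be assigned", and "the analyst capabilities" reads better as "the analyst's capabilities". Since the sentence is already being rewritten to drop the uncertainty clause, fix the grammar in the same change.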
@ -1498,41 +1513,188 @@ analyst-assessment namespace available in JSON format at <a href="https://github
</div>
</div>
<div class="sect2">
<h3 id="_alternative_points_of_view_process">alternative-points-of-view-process</h3>
<h3 id="_binary_reversing_arch">binary-reversing-arch</h3>
<div class="sect3">
<h4 id="_analyst_assessment_alternative_points_of_view_process_analytic_debates_within_the_organisation">analyst-assessment:alternative-points-of-view-process="analytic-debates-within-the-organisation"</h4>
<h4 id="_analyst_assessment_binary_reversing_arch_x86">analyst-assessment:binary-reversing-arch="x86"</h4>
<div class="paragraph">
<p>analytic debates within the organisation</p>
<p>x86-32 &amp; x86-64</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_alternative_points_of_view_process_devils_advocates_methodology">analyst-assessment:alternative-points-of-view-process="devils-advocates-methodology"</h4>
<h4 id="_analyst_assessment_binary_reversing_arch_arm">analyst-assessment:binary-reversing-arch="arm"</h4>
<div class="paragraph">
<p>Devil&#8217;s advocates methodlogy</p>
<p>ARM &amp; ARM-64</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_alternative_points_of_view_process_competitive_analysis">analyst-assessment:alternative-points-of-view-process="competitive-analysis"</h4>
<h4 id="_analyst_assessment_binary_reversing_arch_mips">analyst-assessment:binary-reversing-arch="mips"</h4>
<div class="paragraph">
<p>competitive analysis</p>
<p>mips &amp; mips-64</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_alternative_points_of_view_process_interdisciplinary_brainstorming">analyst-assessment:alternative-points-of-view-process="interdisciplinary-brainstorming"</h4>
<h4 id="_analyst_assessment_binary_reversing_arch_powerpc">analyst-assessment:binary-reversing-arch="powerpc"</h4>
<div class="paragraph">
<p>interdisciplinary brainstorming</p>
<p>PowerPC</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_binary_reversing_experience">binary-reversing-experience</h3>
<div class="sect3">
<h4 id="_analyst_assessment_binary_reversing_experience_less_than_1_year">analyst-assessment:binary-reversing-experience="less-than-1-year"</h4>
<div class="paragraph">
<p>Less than 1 year</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_alternative_points_of_view_process_intra_office_peer_review">analyst-assessment:alternative-points-of-view-process="intra-office-peer-review"</h4>
<h4 id="_analyst_assessment_binary_reversing_experience_between_1_and_5_years">analyst-assessment:binary-reversing-experience="between-1-and-5-years"</h4>
<div class="paragraph">
<p>intra-office peer review</p>
<p>Between 1 and 5 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_alternative_points_of_view_process_outside_expertise_review">analyst-assessment:alternative-points-of-view-process="outside-expertise-review"</h4>
<h4 id="_analyst_assessment_binary_reversing_experience_between_5_and_10_years">analyst-assessment:binary-reversing-experience="between-5-and-10-years"</h4>
<div class="paragraph">
<p>Outside expertise review</p>
<p>Between 5 and 10 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_binary_reversing_experience_between_10_and_20_years">analyst-assessment:binary-reversing-experience="between-10-and-20-years"</h4>
<div class="paragraph">
<p>Between 10 and 20 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_binary_reversing_experience_more_than_20_years">analyst-assessment:binary-reversing-experience="more-than-20-years"</h4>
<div class="paragraph">
<p>More than 20 years</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_os">os</h3>
<div class="sect3">
<h4 id="_analyst_assessment_os_windows">analyst-assessment:os="windows"</h4>
<div class="paragraph">
<p>Current Microsoft Windows system</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_os_linux">analyst-assessment:os="linux"</h4>
<div class="paragraph">
<p>GNU/linux derivative OS</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_os_ios">analyst-assessment:os="ios"</h4>
<div class="paragraph">
<p>Current IOS</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_os_macos">analyst-assessment:os="macos"</h4>
<div class="paragraph">
<p>Current Apple OS</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_os_android">analyst-assessment:os="android"</h4>
<div class="paragraph">
<p>Current Android OS</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_os_bsd">analyst-assessment:os="bsd"</h4>
<div class="paragraph">
<p>BSD</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_web">web</h3>
<div class="sect3">
<h4 id="_analyst_assessment_web_ipex">analyst-assessment:web="ipex"</h4>
<div class="paragraph">
<p>Inter-protocol exploitations</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_web_common">analyst-assessment:web="common"</h4>
<div class="paragraph">
<p>Common vulnerabilities as SQL injections, CSRF, XSS, CSP bypasses, etc.</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_web_js_desobfuscation">analyst-assessment:web="js-desobfuscation"</h4>
<div class="paragraph">
<p>De-obfuscation of Javascript payloads</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_web_experience">web-experience</h3>
<div class="sect3">
<h4 id="_analyst_assessment_web_experience_less_than_1_year">analyst-assessment:web-experience="less-than-1-year"</h4>
<div class="paragraph">
<p>Less than 1 year</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_web_experience_between_1_and_5_years">analyst-assessment:web-experience="between-1-and-5-years"</h4>
<div class="paragraph">
<p>Between 1 and 5 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_web_experience_between_5_and_10_years">analyst-assessment:web-experience="between-5-and-10-years"</h4>
<div class="paragraph">
<p>Between 5 and 10 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_web_experience_between_10_and_20_years">analyst-assessment:web-experience="between-10-and-20-years"</h4>
<div class="paragraph">
<p>Between 10 and 20 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_web_experience_more_than_20_years">analyst-assessment:web-experience="more-than-20-years"</h4>
<div class="paragraph">
<p>More than 20 years</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_crypto_experience">crypto-experience</h3>
<div class="sect3">
<h4 id="_analyst_assessment_crypto_experience_less_than_1_year">analyst-assessment:crypto-experience="less-than-1-year"</h4>
<div class="paragraph">
<p>Less than 1 year</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_crypto_experience_between_1_and_5_years">analyst-assessment:crypto-experience="between-1-and-5-years"</h4>
<div class="paragraph">
<p>Between 1 and 5 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_crypto_experience_between_5_and_10_years">analyst-assessment:crypto-experience="between-5-and-10-years"</h4>
<div class="paragraph">
<p>Between 5 and 10 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_crypto_experience_between_10_and_20_years">analyst-assessment:crypto-experience="between-10-and-20-years"</h4>
<div class="paragraph">
<p>Between 10 and 20 years</p>
</div>
</div>
<div class="sect3">
<h4 id="_analyst_assessment_crypto_experience_more_than_20_years">analyst-assessment:crypto-experience="more-than-20-years"</h4>
<div class="paragraph">
<p>More than 20 years</p>
</div>
</div>
</div>
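Review bot: At the top of this hunk the predicate alternative-points-of-view-process and its six values are dropped from analyst-assessment, so an event already tagged analyst-assessment:alternative-points-of-view-process="..." no longer matches a defined tag; state in the analyst-assessment description that the predicate moved to event-assessment, or keep the old entries for a transition period. In the web predicate, the value "js-desobfuscation" is spelled differently from its own description ("De-obfuscation of Javascript payloads"); rename it to "js-deobfuscation" now, because tag values are awkward to change once they are in use. In the os predicate, "Current IOS" and "Current Apple OS" are ambiguous as descriptions; name the systems explicitly, for example "Apple iOS" and "Apple macOS".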
@ -4955,6 +5117,65 @@ europol-incident namespace available in JSON format at <a href="https://github.c
</div>
</div>
<div class="sect1">
<h2 id="_event_assessment">event-assessment</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
event-assessment namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/event-assessment/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>A series of assessment predicates describing the event assessment performed to make judgement(s) under a certain level of uncertainty.</p>
</div>
<div class="sect2">
<h3 id="_alternative_points_of_view_process">alternative-points-of-view-process</h3>
<div class="sect3">
<h4 id="_event_assessment_alternative_points_of_view_process_analytic_debates_within_the_organisation">event-assessment:alternative-points-of-view-process="analytic-debates-within-the-organisation"</h4>
<div class="paragraph">
<p>analytic debates within the organisation</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_assessment_alternative_points_of_view_process_devils_advocates_methodology">event-assessment:alternative-points-of-view-process="devils-advocates-methodology"</h4>
<div class="paragraph">
<p>Devil&#8217;s advocates methodlogy</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_assessment_alternative_points_of_view_process_competitive_analysis">event-assessment:alternative-points-of-view-process="competitive-analysis"</h4>
<div class="paragraph">
<p>competitive analysis</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_assessment_alternative_points_of_view_process_interdisciplinary_brainstorming">event-assessment:alternative-points-of-view-process="interdisciplinary-brainstorming"</h4>
<div class="paragraph">
<p>interdisciplinary brainstorming</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_assessment_alternative_points_of_view_process_intra_office_peer_review">event-assessment:alternative-points-of-view-process="intra-office-peer-review"</h4>
<div class="paragraph">
<p>intra-office peer review</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_assessment_alternative_points_of_view_process_outside_expertise_review">event-assessment:alternative-points-of-view-process="outside-expertise-review"</h4>
<div class="paragraph">
<p>Outside expertise review</p>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_fr_classif">fr-classif</h2>
<div class="sectionbody">
<div class="admonitionblock note">
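Review bot: The description for devils-advocates-methodology reads "Devil's advocates methodlogy"; the typo is carried over unchanged from the analyst-assessment entries removed earlier in this commit, so correct it to "methodology" while the text is being moved. The six descriptions in this section also mix capitalisation ("analytic debates within the organisation" next to "Outside expertise review"); pick one style for all of them.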
@ -11713,6 +11934,53 @@ tlp namespace available in JSON format at <a href="https://github.com/MISP/misp-
</div>
</div>
<div class="sect1">
<h2 id="_tor">tor</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
tor namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/tor/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Taxonomy to describe Tor network infrastructure</p>
</div>
<div class="sect2">
<h3 id="_tor_relay_type">tor-relay-type</h3>
<div class="sect3">
<h4 id="_tor_tor_relay_type_entry_guard_relay">tor:tor-relay-type="entry-guard-relay"</h4>
<div class="paragraph">
<p>Entry node to the Tor network</p>
</div>
</div>
<div class="sect3">
<h4 id="_tor_tor_relay_type_middle_relay">tor:tor-relay-type="middle-relay"</h4>
<div class="paragraph">
<p>Tor node relaying traffic between an entry-guard-relay to an exit-relay</p>
</div>
</div>
<div class="sect3">
<h4 id="_tor_tor_relay_type_exit_relay">tor:tor-relay-type="exit-relay"</h4>
<div class="paragraph">
<p>Tor node relaying traffic outside of the Tor network to the original destination</p>
</div>
</div>
<div class="sect3">
<h4 id="_tor_tor_relay_type_bridge_relay">tor:tor-relay-type="bridge-relay"</h4>
<div class="paragraph">
<p>Entry node to the Tor network - partially unpublished</p>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_veris">veris</h2>
<div class="sectionbody">
<div class="admonitionblock note">
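Review bot: The predicate name tor-relay-type repeats the namespace, giving tags such as tor:tor-relay-type="exit-relay", whereas the predicates added elsewhere in this commit are not prefixed (analyst-assessment:os, analyst-assessment:web); consider tor:relay-type before the tag is in use. The middle-relay description says "between an entry-guard-relay to an exit-relay", which should read "between an entry-guard-relay and an exit-relay", and "partially unpublished" in the bridge-relay description does not say what is unpublished.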
@ -17697,7 +17965,7 @@ vocabulaire-des-probabilites-estimatives namespace available in JSON format at <
</div>
<div id="footer">
<div id="footer-text">
Last updated 2017-04-30 11:36:14 CEST
Last updated 2017-05-04 21:14:40 CEST
</div>
</div>
</body>